(Mostly) success with TrueNAS SCALE & ZeroTier

I wanted to document my experiences (mostly success) with setting up ZeroTier inside a TrueNAS SCALE app.

TrueNAS version: TrueNAS-SCALE-23.10.2

The ZeroTier app was part of the standard catalog; I didn’t have to add TrueCharts. I just went to my Apps catalog and clicked install.

When setting the ZeroTier options, fill out your Network ID into the field provided.

At first my ZeroTier did not persist between app start-ups. When the app restarted I would get a fresh entry in my ZeroTier admin panel.

To solve this I filled out “Identity Secret” and “Identity Public”.

I obtained these values by going to another machine on my network which already successfully had ZeroTier installed. I then used this command:

zerotier-idtool generate identity.secret identity.public

This generated two files which contained the values needed.

I filled out “Auth Token (API Key)” using an API key obtained from ZeroTier admin. I am unsure if this is required but I did it anyway.

I had to click the option for “Host Network”.

I can now access my TrueNAS SCALE machine via the external ZeroTier IP. I can also restart the ZeroTier app on TrueNAS and it persists the same external IP.

I say “mostly” success because the ZeroTier app in TrueNAS always seems to get stuck in the “Deploying” state. When I shut down the app and start it again, at first the app goes to the “Running” state and then after a few seconds flicks back to the “Deploying” state. However, everything seems to be working; I can access TrueNAS via its ZeroTier external IP.

The final app log entry says “Startup probe failed: unknown network ID, check that you are a member of the network”, however everything works.
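
An added example, not part of the original posts: a shell check to run on the two files produced by the `zerotier-idtool generate` command above before pasting their contents into the “Identity Secret” and “Identity Public” fields. The field layout described in the comments is an assumption about type-0 ZeroTier identities, the function name is hypothetical, and the sample pair is constructed placeholder hex, not a real key.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed layout of the type-0 identity
# files written by zerotier-idtool:
#   identity.public  <10 hex address>:0:<128 hex public key>
#   identity.secret  the same three fields plus :<128 hex private key>

# check_identity_pair SECRET_FILE PUBLIC_FILE (hypothetical helper)
# Prints the node address on success; exits non-zero with a reason otherwise.
check_identity_pair() (
  secret_file=$1 public_file=$2
  [ -r "$secret_file" ] && [ -r "$public_file" ] ||
    { echo "cannot read identity files" >&2; exit 2; }

  # The secret holds the private key: refuse group/world-accessible files.
  [ "$(ls -ld "$secret_file" | cut -c5-10)" = "------" ] ||
    { echo "$secret_file: run chmod 600 on it" >&2; exit 3; }

  secret=$(tr -d '[:space:]' < "$secret_file")
  public=$(tr -d '[:space:]' < "$public_file")

  printf '%s\n' "$public" | grep -Eq '^[0-9a-f]{10}:0:[0-9a-f]{128}$' ||
    { echo "public identity is malformed (or is the secret)" >&2; exit 1; }
  printf '%s\n' "$secret" |
    grep -Eq '^[0-9a-f]{10}:0:[0-9a-f]{128}:[0-9a-f]{128}$' ||
    { echo "secret identity is malformed (or is the public)" >&2; exit 1; }

  # Both fields must describe the same node: secret = public + ":" + private.
  [ "${secret%:*}" = "$public" ] ||
    { echo "secret and public belong to different identities" >&2; exit 1; }

  printf '%s\n' "${public%%:*}"
)

# Constructed sample pair (placeholder hex, not a real key) for an offline run.
demo_dir=$(mktemp -d)
pub_hex=$(printf '%0128d' 0 | tr 0 a)
priv_hex=$(printf '%0128d' 0 | tr 0 b)
printf '0123456789:0:%s\n' "$pub_hex" > "$demo_dir/identity.public"
printf '0123456789:0:%s:%s\n' "$pub_hex" "$priv_hex" > "$demo_dir/identity.secret"
chmod 600 "$demo_dir/identity.secret"
echo "node address: $(check_identity_pair "$demo_dir/identity.secret" "$demo_dir/identity.public")"
```

The printed address is the 10-digit member ID that shows up in the ZeroTier admin panel, so a node that keeps the same value across app restarts is reusing its identity.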

I didn’t put in the API KEY values but I just checked Host Network. It works, but every restart asks me to be authorized in the ZeroTier dashboard because it changes the device identifier. Has this happened to you?

As described above, I needed to enter “Identity Secret” and “Identity Public” to make it persist.

Thanks for the instructions for getting the secret and public.

What do we put where it says Network* ? Do we put the 16-digit network ID?

In the list of running applications in the TrueNAS app settings, my ZeroTier is stuck saying “Deploying”, and never gets to “Running” like the other apps. 1Gi of memory should be plenty, right?

Also I got a pop-up that said

zerotier
Scaled workload(s) successfully to 1 replica(s)

whatever that means

I entered the ZeroTier API but not “Identity Secret” and “Identity Public” because I cannot find it.

It works with SSH but not Webadmin, and stranger, I cannot even ping the external ZeroTier IP.

You can also do this from the shell in TrueNAS, no additional device needed - click the hamburger icon for the deploying ZeroTier app tile and select Shell.

In TrueNAS, the (?) help associated with Host Network says: “It’s recommended to keep this disabled”, so what is the justification for ignoring this?

Yeah, I’m stuck on the “Deploying” and that definitely isn’t right.

Mine says => Sleeping indefinitely

and I haven’t been able to so much as ping the zerotier-provided IP address successfully

Thanks OP, this comment helped me out:

To solve this I filled out “Identity Secret” and “Identity Public”.
I obtained these values by going to another machine on my network which already successfully had ZeroTier installed. I then used this command
zerotier-idtool generate identity.secret identity.public

Previously without generating the identity.secret/public I could use zerotier, connect to webmin and ssh. But every 5 minutes the container would say ‘deploying’ and try and make a new authorization to zerotier. I had to manually delete over 2000 unauthorized members from my zerotier webmin.

Since putting the identity.secret/public into the TrueNAS container, those issues are resolved. For those that have it working but can’t connect: the only thing I can think of that might be different on my setup to those without a working setup is I set up a network bridge in TrueNAS to make using the containers easier; that might be what everyone else is missing.

Good luck, we can probably all agree that the truenas chart for zerotier is poorly done.

You make it sound like it’s breaking the law 🙂

I ignored this because it made ZeroTier work.

If I had to guess, the option says “let this app bind to the machine’s host network”, which for most services isn’t needed; however, it is needed for a service providing core networking capabilities like ZeroTier.

Hey, just wanted to give an update for anyone still looking now:

On the latest version of TrueNAS (ElectricEel 24.10), which now just uses plain Docker containers instead of Kubernetes, I submitted an issue to update the container to use storage by default.
This should fix the playing around with identity.secret and identity.public needed in the past, and you can just install the container with the network ID, authorize it, and be on your way. 🫡